Data responsibilities online


When it comes to business, everyone is aware of the data protection act. This law covers, in general, the requirements for companies to securely look after the personal data of their customers, such as financial information.

download (2)

However, there are further requirements for companies to bear in mind, especially when they’re operating online.


Domain names and URLS are given out by the Internet Corporation for Assigned Names and Numbers, or ICANN. The very best domains, such as .com or, are known as generic top level domains (gTLDs) and ICANN has various requirements for companies that want to hold on to their gTLD.

A large part of this is the sending of various data into a secure location. This is done through a Registry Data Escrow (RyDE) agreement into a secure account from an agency that specialises in ICANN Escrow. This involves specific data known as WHOIS data, and while it may seem like a small task, it is a fundamental requirement should you wish to keep your gTLD, which are often the most desirable domains.

Card data

Likewise, in addition to ICANN escrow requirements and the data protection act, companies wanting to acquire card data need to obtain a Payment Card Industry Data Security Standard (PCI DSS).

This is a general certificate that deems your website safe and secure for customers to give such sensitive information. In short, if you want to store these records, you need PCIDSS.

Extra security

Finally, while regulations such as ICANN escrow are all requirements, they should be seen more as bare minimums – there is nothing wrong with going above and beyond what is asked of you. The more effort you put into your security, for instance, the more trustworthy you may appear in the eyes of customers and potential business partners.

It also stands to give you a competitive edge. In the interest of two businesses, any extra display of effort will surely give you an advantage. In this way, the additional security measures can be used as a form of advertisement and something to be proud of, while other firms may simply view their data protection as a chore to get out of the way.

It also means, should criminals be looking for an easy target, your business is less likely to be targeted. The bare minimum is the easiest for hackers to choose, so going above this further removes your website from the shortlist.